McAfee Labs

Facebook Users Suffer From 'Fram'

3
By on Mar 12, 2010

About a year or so ago one of the “McMarketeers” decided it would be fun to run a campaign against “fram”–spam that friends send you. As you might guess, we in the Labs have no friends, so it was no problem for us to ridicule the idea. ;)

baby

However, around the coffee machine the other day I got involved in a quick discussion about spam on Facebook. A long-term social networker genuinely thought that Facebook spam did not exist and that all the noise was from Facebookers playing games or using annoying apps. So I offered to write up an example.

One of the most subversive forms of advertising on Facebook is (though I hate to admit it) fram.

You receive a post like this from a friend:

The post

(Sorry Plum)

This page uses the FBML application to render content in a tab, and that tab is the default you see.
Step one is become a fan, so that you can see the next step.

The box

This posts to your wall:

The post

The fram quickly propagates from friend to friend–and spreads virally, to almost half a million fans.

The post

Let’s return to step 2: after becoming a fan:

The post

<click>

The post

Oooh, SEKR3T CODE! <click>

The post

This bit of JavaScript is very common on Facebook pages that want to spread quickly. It selects all your friends in the invite pop-up. It is a clear sign of something you don’t want to do, and it’s almost always related to some form of scam. I ask my friends not to do it; you should do the same.

Double bubble: Because you’ve posted to your wall once that you’re a fan, why not repeat the process and “share” the page, too?

The post

Of course you want to share this, even though you have not yet seen the content.

The post

By now we hope your friends have said “no thanks” to this. That’s a vain hope, however, because they have nearly a half-million members.

The post

<click> Oh drat. I had JavaScript blocked.

The post

<click> Oh drat> I had ad-block installed.

The  post

At last the Video! … on http://thiswillruinurreputation.blogspot.com/

The post

All that work and what do we see? It’s affiliate spam. :(

So there’s your example. Facebook spam is somewhat complicated and mostly initiated by your friends.

Here are my tips for avoiding wall spam. Befriend only people you know and trust. Hide all the daft apps your friends use. Hide all the friends who think the world wants to know every time they visit the bathroom. Think very very hard before granting an app permission. And please, please, please report spam on the bottom left of the wall page.

The tragedy is that the spammer didn’t lie because behind that advert on the blogspot site there really is a funny video, but to the average user friend it’s impossible to see.

32 minutes ago · Comment · Like
Tags:

3 Comments

  • Facebook has become so popular that its easy to see why they target it. I think we are only going to see more problems with facebook coming up here soon.

  • Barton is lying. He has 183 Facebook friends. I’m one of them! Great piece, Chris.

  • Andreas Nilsson

    Interesting reading, personally I’ve noticed another form of facebook abuse the last couple of weeks. Several girls I don’t know have sent me friend requests. When browsing through their profiles they don’t have a lot of friends but there’s always some kind of link to where they’re supposedly “naked”.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>